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Abstract. One may formulate the dependent product types of Martin-L6f type 
theory either in terms of abstraction and application operators like those for the 
lambda-calculus; or in terms of introduction and elimination rules like those for the 
other constructors of type theory. It is known that the latter rules are at least as 
strong as the former: we show that they are in fact strictly stronger. We also show, 
in the presence of the identity types, that the elimination rule for dependent prod- 
ucts — which is a "higher-order" inference rule in the sense of Schroeder-Heister - can 
be reformulated in a first-order manner. Finally, we consider the principle of func- 
tion extensionality in type theory, which asserts that two elements of a dependent 
product type which are pointwise propositionally equal, are themselves proposition- 
ally equal. We demonstrate that the usual formulation of this principle fails to 
verify a number of very natural propositional equalities; and suggest an alternative 
formulation which rectifies this deficiency. 
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1. Introduction 

This is the first in a series of papers recording the author's investigations into the 
semantics of Martin-L6f 's dependent type theory; by which we mean the type theory 
set out in the expository volume [7]. The main body of these investigations concerns 
what the author is calling two-dimensional models of dependent type theory. Recall 
that one typically divides the models of Martin-L6f 's type theory into extensional and 
intensional ones, the former differentiating themselves from the latter by their admission 
of an equality reflection rule which collapses the propositional and definitional equalities 
of the language into a single, judgemental, equality. The two-dimensional models that 
the author is studying are of the intensional kind, but are not wholly intensional: they 
admit instances of the equality reflection rule at just those types which are themselves 
identity types. 
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In the process of making his investigations, the author has discovered certain unre- 
solved issues concerning the dependent product types of Martin-L6f type theory; and 
since these issues exist beyond the domain of two-dimensional models, it seemed worth- 
while to collect his conclusions into this preliminary paper. 

The first of these issues concerns how we formulate of the rules for the dependent 
product types. There are two accepted ways of doing this. In both cases, we begin 
with a formation rule which, given a type A and a type B(x) dependent on x : A, 
asserts the existence of a type H(A,B); and an abstraction rule which says that, from 
an element f(x) : B{x) dependent on x : A, we may deduce the existence of an el- 
ement A(/) : H(A, B). We may then complement these rules with either an applica- 
tion rule, which tells us that, from m : 11(^4, B) and a : A, we may infer an element 
app(m,a;) : B(x); or an elimination rule, which essentially tells us that any (dependent) 
function out of LT(A, B) is determined, up-to-propositional-equality, by its values on 
those elements of the form A(/) for some dependent element x : A h f(x) : B(x). 

There are two problematic features here. The first concerns the nature of the elimi- 
nation rule, which is a higher-order inference rule in the sense of Schroeder-Heister [8]. 
In order to formulate this rule rigorously, we must situate our type theory within an 
ambient calculus possessing higher-order features; a suitable choice being the Logical 
Framework described in Part III of [7], and recalled in Section 2 below. Yet it may 
be that we do not wish to do this: one reason being that the categorical semantics of 
Martin-L6f type theory looks rather different when it is formulated within the Logical 
Framework. Hence our first task in this paper is to give a first-order reformulation of 
the elimination rule in terms of the application rule and a propositional form of the 
?7-rule; a reformulation that may be stated without recourse to the Logical Framework. 

The second problematic feature concerns the precise relationship between the appli- 
cation and elimination rules for dependent products. We know that the application rule 
may be defined in terms of the elimination rule, so that the elimination rule is stronger; 
yet it is not known whether it is strictly stronger. Our second task is to show that this 
is in fact the case; we do this by describing a non-standard interpretation of the II-types 
for which the application rule obtains, yet not the elimination rule. 

We then move on to another issue, namely the formulation of the principle of function 
extensionality in Martin-L6f type theory. This principle asserts that if m and n are 
elements of H(A, B) and we can affirm a propositional equality between app(m, x) and 
app(n, x) whenever x : A, then we may deduce the existence of a propositional equality 
between m and n. One result of the author's investigations has been that, if we are to 
obtain a notion of two-dimensional model which is reasonably urbane from a category- 
theoretic perspective, then we must impose some kind of function extensionality. Yet 
the principle of function extensionality just stated has been found wanting in this regard, 
since it fails to provide witnesses for a number of very natural propositional equalities 
which are demanded by the semantics; some of which are detailed in Examples 5.6 
below. From a category-theoretic perspective, we might say that the principle of function 
extensionality fails to be coherent. Our third task in this paper, therefore, is to propose 
a suitably coherent replacement for function extensionality. 

Acknowledgements. The author wishes to thank Johan Granstrom, Per Martin- 
Lof, Erik Palmgren, Olov Wilander and other members of the Stockholm-Uppsala Logic 
Seminar for useful comments and suggestions on earlier drafts of this paper. 

2. MARTIN-LOF TYPE THEORY 

2.1. We begin with a brief summary of the two principal ways in which one may present 
Martin-L6f type theory. The more straightforward is the "polymorphic" presentation 
of [5, 6]. This is given by a reasoning system with four basic forms of judgement: 
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• r h A type ( " A is a type under the hypothesis T" ) ; 

• rhaii ("aisan element of A under the hypothesis T); 

• T \- A = B type ( U A and B are equal types under the hypothesis F'); 

• T \- a = b : A ( u a and b are equal elements of A under the hypothesis T"). 

Here, T is to be a context of assumptions, T = {x\ : A\, X2 ■ A2, x n : j4„_i), 
subject to a requirement of well-formedness which affirms that each Ai is a type under 
the assumptions (x\ : A\, . . . , x^i : A^x). The polymorphic presentation of Martin- 
Lof type theory is now given by specifying a sequent calculus over these four forms of 
judgement: so a number of axiom judgements, together with a number of inference rules 

Ji ■ ■ ■ Jn 
J 

allowing us to derive the validity of the judgement J from that of the JiS. As usual, 
these inference rules separate into a group of structural rules which deal with the contex- 
tual book-keeping of weakening, contraction, exchange and substitution; and a group of 
logical rules, which describe the constructions we wish to be able to perform inside our 
type theory: constructions such as cartesian product of types, disjoint union of types, 
or formation of identity types. 

2.2. However, certain of the logical rules of Martin-L6f type theory cannot be formalised 
in this setting, since they require the use of higher-order judgements T h J , in which the 
context of assumptions T may itself contain a judgement under hypotheses. Amongst 
such rules are those for the W-types, which are the type-theoretic manifestation of 
recursive datatypes; and, as we mentioned in the Introduction, the elimination rule for 
the dependent products. 

In order to formulate these higher-order rules, we may pass to the "monomorphic" 
presentation of Martin-L6f type theory This is given in terms of the Logical Framework, 
which is essentially a formalisation of the meta-theory we use to reason about the cal- 
culus of types. The basic judgements of this meta-theory look rather like those of type 
theory: 

Th A sort; T h a : A; T \- A = B sort; and T h a = b : A. 

However, the meaning is somewhat different. We think of a sort of the Logical Frame- 
work as being a category of judgements about type theory. In particular, the Logical 
Framework has rules 



h type sort A : type h el A sort ' 

which express the existence of the category of judgements " — is a type"; and, under the 
assumption that 11 A is a type" , of the category of judgements " — is an element of A" . 
Using these, we may interpret more complex judgements of type theory; for example, 
if we know that " A is a type" , then we can interpret the judgement J that u B{x) is a 
type under the hypothesis that x is an element of A" as 

x : el A h B(x) : type. 

Yet this is not an entirely faithful rendition of J , since strictly speaking, the displayed 
sequent asserts the judgement il B(x) is a type" under the hypothesis that "x is an ele- 
ment of A" . To resolve this, we introduce the other key aspect of the Logical Framework, 
namely the function sorts. These are specified by rules of formation, abstraction and 
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application: 

T, x: AY- B(x) sort T, x : A h b(x) : B(x) 



T V- (x:A)B sort ' V V- [x : A] b(x) : (x : A) B(x) 

V V- f :{x: A)B T h a : A 



and 



T h /(a) : B(a) 



subject to the a-, /?-, rj- and £-rules of the lambda calculus. Using function sorts, we 
can now render the judgement J more correctly. We have the sort {x : el A) type, which 
is the category of judgements " — is a type under the hypothesis that x is an element 
of A" ; and can now interpret J as the judgement 

V-B : (x : el A) type. 

2.3. We may translate the polymorphic presentation of Martin-L6f type theory into 
the monomorphic one by encoding the inference rules of the former as higher-order 
judgements of the latter. For instance, consider the hypothetical type constructor <f> 
with rules 

A type A type a : A 

and 



type 4>a(o): 
We may encode this in the Logical Framework by terms 

h $ : (A : type) type and h (f> : (A : type, a : el A) el 

where for readability we write iterated function spaces as (A : type, a : el A) el &(A) 
instead of the more correct (A : type) (a : el A) el $(A). Note that this encoding says 
more than the original, by affirming a certain insensitivity to ambient context; since 
from the constants $ and 0, we obtain a whole family of inference rules 

rhi type T V- A type T h a : A 

r h &(A) type ^ r h 4> A {a) : $(A) ' 

together with further rules expressing stability under substitution in T. However, this 
is no bad thing, since any acceptable inference rule of the polymorphic theory will pos- 
sess this "naturality" in the context T. In the remainder of this paper we work in the 
monomorphic presentation of type theory, but will take advantage of the above encoding 
process in order to present the rules of our type theory in the more readable polymor- 
phic style. For more on the relationship between the monomorphic and polymorphic 
presentations, see [3]. 

3. A FIRST-ORDER REFORMULATION OF THE II-ELIMINATION RULE 

3.1. Our main concern in this paper is with the dependent product types of Martin-L6f 
type theory: but in this analysis, we will from time to time make use of the identity 
types, which are a reflection at the type level of the equality judgements a = b : A. We 
begin, therefore, by recalling the rules for the identity types: 

A type a, b : A A type a : A 

■ I 7 7 w Id-FORM; 7~~ ■ - , r- Id-INTRO; 

\dA(a,b) type r(a) : lcU(a, a) 



A type x, y : A, z : \&a{x, y) r- C(x, y, z) type 
x : AY- d(x) : C(x, x, r{x)) a,b : A p : \dA(a, b) 
J(d, a, b,p) : C(a, b,p) 



Id-ELIM; 
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A type x, y : A, z : \d A (x, y) h C(x, y, z) type 
x : A \- d(x) : C(x,x,r(x)) a : A 

J(d, a, a, r(a)) = d(a) : C(a, a, r(a)) 



Id-COMP. 



The notion of equality captured by the identity types is known as propositional equal- 
ity: to say that a and b are propositionally equal as elements of A is to say that we may 
affirm a judgement p : Id^a, b). We think of \6a as being a type inductively generated 
by the elements r{a) : Id^a, a), with the elimination rule and computation rules express- 
ing that any dependent function out of IcU is determined up-to-propositional-equality 
by its value on elements of the form r(a). 

3.2. We are now ready to describe the two standard formulations of dependent product 
types in Martin-L6f type theory. The first, which we will refer to as the a pp- formulation, 
is analogous to the A-calculus with the /3-rule but no 7/-rule: 

A type x: AY- B(x) type x : A V- fix) : B(x) 

Il-FORM; — II-ABS; 

n(A,B)type X(f):IL(A,B) 

m : U(A, B) a : A x : A h fix) : B(x) a : A 

II-APP; Y1-/3. 

app(m,a) : B(a) app(A(/), a) = f(a) : B(a) 

Note that, for the sake of readability we omit the hypotheses A type and x : A h B(x) type 
from the last three of these rules; and in future, we may omit any such hypotheses that 
are reconstructible from the context. To further reduce syntactic clutter, we may also 
write ILc : A. B{x) instead of [x : A] B(x)); Xx. f(x) instead of \([x : A] f(x)); and 
m • a instead of app(m, a). 

3.3. As we noted in the Introduction, the second formulation of dependent products — 
which we will refer to as the funsplit-formulation — has the same introduction and abstrac- 
tion rules but replaces the application and /3-rules with elimination and computation 
rules which mirror those for the other constructors of type theory: they assert that each 
type 11(^4, B) is inductively generated by the elements of the form A(/). 



y:U(A,B) h C(y) type 
f:(x:A) B{x) h djf) : C(A(/)) m : U(A, B) 
funsplit(d, m) : C(m) 



IT-ELIM: 



y.n(A,B) h C(y) type 
f:(x: A) B(x) h djf) : C(X(f)) x : A h gjx) : B(x) 

n-coMP. 

funsplit(d, X(g)) - d{g) : C(X(g)) 

3.4. Observe that the assumption / : (x : A) B(x) h d(f) : C(A(/)) makes the funsplit 
rules into higher-order inference rules, which as such are inexpressible in the "polymor- 
phic" formulation of type theory. Our task in the remainder of this section will be to 
reformulate these rules in a first-order fashion. Our treatment is a generalisation of 
that given by Martin-L6f in his introduction to [5], with the major difference that we 
are working in the theory with intensional identity types, as opposed to the extensional 
equality types of [5] . 

3.5. Proposition: (cf. [7, p. 52]J In the presence of the rules II-FORM, II-INTRO, 
II-ELIM and IT-COMP, the rules II-APP and II-/3 are definable. 
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Proof. Suppose that m : H(A, B) and a : A. We define a type y : H(A, B) h C(y) type 
by taking C(y) := B(a); and a term / : (x : A)B{x) h d(f) : C(A(/)) by taking 
d{f) : = f( a )- Applying II-elimination, wc define app(m, a) := funsplit(d, m) : B(a). 
Moreover, when m = A(/) we have by H-COMP that app(A(/), a) = d(f) = f(a), which 
gives us II-/? as required. □ 

3.6. Proposition: (cf. [7, p. 62]) In the presence of the the identity types and the rules 
II-FORM, II-INTRO, II-ELIM and II-COMP, the following rules are definable: 

m : U(A, B) 

— — -, r- Il-PROP-??; 

r)(m) : \du(A,B) \ m , Ax. m • x) 

x:AV- f{x) : B(x) 
,(A(/)) = r(A(/)):ld n( .,B)(A(/), A(/)) 



Proof. Given y : U(A, B), we define a type C(y) := ld n (A,s)(2/ ; Xx.y ■ x). In the case 
where y = A(/) for some / : (x : A)B(x), we have C(y) = ldn(A,s)(A(/), Ax. A(/) • x) — 
ldn(A,B)(A(/), Xx.f(x)) = ld n (A,B)(A(/), A(/)) so that we may define an element 
d(f) : C(A(/)) by d(f) := r(A(/)). Using II-elimination, we define ?7(m) := funsplit(d, m); 
and when m = A(/), we have by II-COMP that r/(A(/)) = = r(A(/)) as required. □ 

3.7. Proposition: In the presence of identity types, the rafes II-FORM ; IT-intro, II-APP 
and T1-/3, and the rules II-prop-?7 and II-prop-?7-COMP of Proposition 3.6, the rules II- 
elim and II-COMP are definable. 



Proof. We first recall that in the presence of identity types, II-FORM, H-INTRO, II-APP 
and II-/?, we may derive the following "Leibnitz rules", which assuming A type and 
x : A h B(x) type, say that 

a\,a 2 :A p : \6a{<ii, a 2 ) b 2 : B(a 2 ) 

■ — - — — — Id-SUBST; 

subst(p, b 2 ) : B(ai) 

a: A b: B(a) 
subst(r(a),6) = b : B(a) 



Id-SUBST-COMP; 



see [7, p. 59], for example. 

So, suppose given judgements A type, x : A h B{x) type and y : H{A, B) h C{y) type 
and terms / : (x : A)B(x) h d(f) : C(A(/)) and m : U(A, B). We are required to define 
a term funsplit(c?, m) : C(m) satisfying funsplit(d, A(/)) = d(f ). We begin by forming 
the term 

T(d, m) := d([x : A] m ■ x) : C(Xx. m ■ x). 

By U-PROP-?7, we have a term n(m) : ldn(A,B)( TO ; Ax. m ■ x): so by substituting T(d, m) 
along 77(771) we obtain a term funsplit(rf, m) := subst(ri(m), T(d,m)) : C{m) as required. 
Moreover, when m = A(/), we obtain from H-/3 that T(d, A(/)) = d(f), and from 
U-PROP-77-COMP that r](X(f )) = r(A(/)); and so from Id-SUBST-COMP, we deduce that 

funsplit(d, A(/)) - subst(r(A(/)), d(f)) = d(f) : C(A(/)) 

as required. □ 
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3.8. Thus, in the presence of identity types, the funsplit-formulation of dependent prod- 
ucts is equipotent with the app-formulation extended with the propositional ?7-rule. Note 
carefully the extent of this equipotence: it is at the level of provability rather than at the 
level of proofs. In other words, if we are given a funsplit term, to which we apply Proposi- 
tions 3.5 and 3.6 to obtain terms app and 77; and then use Proposition 3.7 on these terms 
to obtain a new term funsplit', we should not expect funsplit(cf, m) = funsplit' (d, m) to 
hold. The best we can hope for is that 

y : U(A, B) h C(y) type / : (x : A)B(x) h d(f) : C(A(/)) m : U{A, B) 
ip(d,m) : ldc( TO ) (funsplit(d, m), funsplit' (d,m)) 

should hold; and this we may prove by an application of II-elim. 



4. n-APPLICATION DOES NOT ENTAIL IT-ELIMINATION 

4.1. We saw in Proposition 3.5 that the funsplit-formulation of dependent products sub- 
sumes the app-formulation; and the task of this section is to show that the converse does 
not obtain. In the previous section we were proving a positive derivability result, and so 
worked in a minimal fragment of Martin-L6f type theory in order to make our result as 
strong as possible. In this section, we are proving a negative derivability result: and to 
make this as strong as possible, we work in full Martin-L6f type theory. So in addition 
to identity types and the app-formulation of dependent products we assume the presence 
of dependent sums Y>x : A.B(x), the unit type 1, pairwise disjoint unions A + B, the 
empty type 0, the W-types, and the first universe U. We refer to the type theory with 
these constructors as ML app . Our main result will be: 

4.2. Theorem: Relative to the theory ML app , the funsplit rules II-elim and LI-COMP 
are not definable. 

Now, if we could define II-elim and H-COMP relative to ML app , then by Proposi- 
tion 3.6 we would also be able to derive also LT-PROP-Ty and IT-PROP-ry-COMP. Conse- 
quently, we may prove Theorem 4.2 by proving: 

4.2'. Theorem: Relative to the theory ML app , the rules LT-PROP-77 and LI-PROP-77- 
COMP of Proposition 3. 6 are not definable. 

4.3. Our method of proving Theorem 4.2' will be as follows. We first define the following 
rules relative to the theory ML app : 

A type x : A h B(x) type x: AY- fix) : B(x) 

LT -FORM; 7— — IT -ABS; 

Tl'(A,B) type A'(/) : IL'(A, B) 

m : U(A, B) a : A x : A h f(x) : B(x) a : A 

n'-APP* ii'-B 

app'(m,o):B(a) ' app'(A'(/), a) = /(a) : B(a) 

We then show that the corresponding rule II'-PROP-r? is not definable; and from this 
we deduce that the rule lI-PROP-?7 cannot be definable cither, since if it were then by 
replacing each II, A or app in its derivation with a IT, A' or app', we would obtain a 
derivation of 1T-PROP-77, which would give a contradiction. 



4.4. In order to define IT', A' and app', we will need to make use of disjoint union 
types. Given types A and B, their disjoint union is the type A + B with the following 
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introduction and elimination rules: 



a: A b:B 

+-introi; — — — I--INTRO2; 



Ui(a):A + B U 2 (b):A + B 

z : A + B h C(z) type 
x: A h f{x) :<7(Hi(a;)) y : B \- g(y) : C(ll 2 (y)) c : A + B 



case(/,5,c) : C(c) 



+-ELIM, 



subject to the computation rules case(/, 5, Ili(a)) = /(a) and case(/, 5, U 2 (6)) = <?(&). 
We use disjoint unions to define the il'-rules as follows. 

A type 1 : A h -B(x) type 

Il'-FORM; 



II' (A, B) := U(A, B) + H(A, B) type 

x : A h /(x) : B(x) 
X'(f) :=U 1 (X(f)):U(A,B)+U(A,B) 

to : U(A,B) +U(A,B) a : A 



n'-ABS; 



n'-APP 



app'(m, a) := case(app(-, a), app(-, a), to) : B(a) 

where we write app(-, a) as an abbreviation for the term [x : H(A, B)] app(x, a). To see 
that these definitions validate H'-0, we suppose that / : (x : A) B(x) and a : A; then by 
the first computation rule for disjoint unions and H-/3 we have that 

app'(A'(/),a) = case(app(- o), app(- o), Ui(A(/))) =app(A(/),a) = /(a) 

as required. 

4.5. It remains to show that with respect to the above definitions, the rule 

to : U'(A,B) 



rl (to) : ld n '(A,B)(w, A'o;. app'(m, a;)) 



it'-prop-?7 



cannot be derived. So suppose that it could. Since for each judgement x : A h f(x) : B(x) 
we have a term Il2(A(/)) : II' (A, B), we would obtain from this a derivation of 

x : A h f(x) : B(x) 



r?'(u 2 (A(/))) : ld nW )(n2(A(/)), X'x. app'(u 2 (A(/)), a;)) . 

But now by definition of app' we have that 

app'(u 2 (A(/)),a;) = case(app(- x), app(- x), U 2 (A(/))) = app(A(/),x) = /(x); 

and hence X'x. app'(n 2 (A(/)), x) = X'x. f(x) = IIi(A(/)), so that we may view the above 
derivation as a derivation of 

A type x : A h B(x) type x: AY- f(x) : B(x) 

v'(MKf))) ■■ ldn(A,B) + n(A, B )(H2(A(/)), n 1 (A(/))). 

To complete the proof, it suffices to show that no such derivation can exist. The key to 
doing so will be the following disjointness rule: 

Ctype c:C p : ld c+c (ll 2 (c), n^c)) 

W 0(c,p):O 

where is the empty type. If we can prove that this holds relative to ML app , then we 
will be able to deduce the underivability of (*). Indeed, suppose that (*) holds. Then 
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from this and (f) we can derive the following rule: 

x : A b f(x) : B(x) 
On(A,B){Kf), v'iMKf)))) :0 ; 

and by instantiating this derivation at some particular A, B and / — a suitable choice 
being A := 1, B := 1 and / := [x : 1] x — we obtain a global element of 0. But this is 
impossible, because ML app is known to be consistent, in the sense that has no global 
elements. An easy way of seeing that this is the case is by exhibiting a consistent model 
for ML app using the sets in our meta-theory. We interpret types as sets; dependent 
sums and products as indexed sums and products; identity types as meta-theoretic 
equality; the terminal type as a one-element set and the empty type as the empty 
set. The interpretation of W- types and the first universe is a little more complex, and 
depends upon the existence of inductive datatypes in our meta-theory, but is essentially 
unproblcmatic. 

4.6. All that remains to complete the proof of Theorem 4.2' is to show that the disjoint- 
ness rule (f) is derivable in ML app . This follows by a standard argument (cf. [7, p. 86]). 
Recall that one of the type constructors in ML app was that for the universe type [7, 
Chapter 14]. This is a type U containing "codes" for each of the other type formers of 
ML app . In particular, we have rules 

— ; U-intrO! and — U-intro 2 

: U 1 : U 

introducing codes for the empty type and the terminal type. Recall also that U comes 
equipped with a decoding function D which is given by an indexed family of types 

x : U b D(x) type 

together with computation rules which determine the value of D on canonical elements 
of U. In particular, we have rules 

— U-compi and — U-comp 2 . 

D(0) = type D(l) = 1 type 

So suppose now that C type, c : C and p : ldc+c( u 2(c), Ui(c)) as in the premisses 
of (f). We are required to derive an element of 0. We begin by defining functions 

x : C b f(x) := : U and x : C V g(x) := 1 : U. 

Applying +- elimination to these we obtain a function case(/, g,-) : C + C — > U; and 
using the decoding function D on this we obtain a family 

z : C + C b T(z) := D(case(/, g, z)) type. 

Now from the rule Id-SUBST defined in Proposition 3.7, together with the given proof 
p : ldc+c (112(c), Ui(c)) we obtain the term 

x : T(Hi(c)) b substO,:r) : T(u 2 (c)). 

But we have that T(Ui(c)) = D(/(c)) = D(6) = and that T(u 2 (c)) = D(g(c)) = 
D(l) = 1, so that we may view this as a function x : 1 b subst(p, x) : 0. In particular, by 
evaluating this function at the canonical element * : 1 we obtain an element subst(p, *) : 
as required. This completes the proof of Theorem 4.2'. 
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5. Function extensionality 

5.1. In this final section, we investigate the principle of function extensionality in Martin- 
Lof type theory, which asserts that two elements of a dependent product type which 
are pointwise propositionally equal, are themselves propositionally equal. Explicitly, it 
is given by the following two inference rules: 

m, n : H(A, B) k : Hx : A. ld S ( x )(m • x, n ■ x) 

— II-EXT, 

ext(m, n, k) : ld n ( J 4,s)(m, n) 

f:(x:A) B(x) 



ext(A(/),A(/),A(r/)) =r(A(/)) : \d u{A , B) (X(f), A(/)) 



II-EXT-COMP, 



where we write rf as an abbreviation for the term [x : A]rf(x). These rules were 
considered first by Turner in [9] and then more extensively by Hofmann [2]. From a 
computational perspective they are hard to justify, since they cause the natural oper- 
ational semantics of Martin-L6f type theory (cf. [7, Appendix B]) to break down, and 
consequently destroy one of the more pleasant proof-theoretic properties of Martin-L6f 
type theory, namely that every global element of a closed type is dcfinitionally equal to 
a canonical element. 

However, from a semantic perspective, function extensionality is rather important. It 
is admitted by many models of type theory; and in the forthcoming [1], it will play a 
crucial role in the description of the author's two-dimensional models. However, whilst 
preparing [1] , it became apparent to the author that the usual formulation of function 
extensionality seems to be insufficient for deriving a number of very natural propositional 
equalities which one would expect to hold. The purpose of this section is to describe 
these problems in more detail, and to suggest a new, more general principle which 
resolves them. 

Throughout this section, we work in the fragment of type theory given by the identity 
types and the a pp- formulation of dependent products. In order to minimize clutter, 
we also allow ourselves the notational convenience of writing function application f(x) 
simply as fx, and A-abstraction A(/) simply as A/. We begin by recording some useful 
consequences of function extensionality: 

5.2. Proposition: In the presence of U-EXT and n-EXT-COMP, the rules H-PROP-r] and 
n-PROP-?7-COMP of Proposition 3.6 are definable. 

Proof. Given m : H(A, B), we must exhibit a term rj{m) : ld n (yi.B)( TO 7 Ax. to • x). So 
we define n — Ax. m • x : U(A, B); and by H-f3 have that n ■ x — (Ax. m • x) ■ x = m ■ x 
whenever x : A. We may now define 77(771) := ext(ro, n, Xx.r(m ■ x)); and moreover, 
when m = A/ for some / : (x : A)B(x), the /3-rule implies that m — n, so that 
n(Xf) = ext(A/, A/, A(r/)) = r(Xf) as required. □ 

5.3. Proposition: In the presence of n-EXT and n-EXT-COMP, the following proposi- 
tional £-rules are definable: 

/, g : (x : A) B(x) p : (x : A) \d B{x) (fx, gx) 

ii-prop-£, 



£{f,9,p) ■ ldn(A,B)(A/, Xg) 

/ : (x : A) Bjx) 

C(/,/,r/)=7-(A/):ldn ( A,B)(A/,A/) 



Il-PROP-£-COMP. 
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Proof. Given /, g and p as in the hypotheses of II-prop-^, we consider to — Xf and 
n = Xg in IL(A, B). By the /3-rule, we may view p as a term 

x : A h p(a;) : lds( x )(m ■ x, n ■ x); 

and hence may define £(/, = ext(A/, Ag, Ap). Moreover, we have that £(/, /, rf) = 
ext(A/, A/, A(r/)) = r(A/) as required. □ 

In fact, we have a converse to the previous two propositions: 

5.4. Proposition: In the presence of the rules II-PROP-77 and II-PROP-77-COMP of Propo- 
sition 3.6 and the rules II-PROP-^ and I1-prop-£-COMP of Proposition 5.3, the function 
extensionality rules II-ext and II-ext-COMP are definable. 

Proof. Recall from [4] that, in the presence of dependent products, the identity types 
admit an operation which one may think of as cither transitivity or composition: 

p :\d A {ai,a 2 ) g:ldA(a 2 ,a 3 ) p : \d A (ai,a 2 ) 

Id-TRANS, Id-TRANS-COMP; 

qop : \dA{ai,a 3 ) por(ai) =P ■ ld A (ai,a 2 ) 

and also an operation which one may think of as either symmetry or inverse: 
p : lcU(ai, 02) a : A 

Id-SYMM, = Id-SYMM-COMP. 



p :ld/i(a2,ai) r(a) = r(a) : \Aa (a, a) 

Now suppose we are given terms to, n and k as in the hypotheses of II-ext. We begin 
by defining terms 



/ 
9 

and p 



= [x : A] to • x : (x : A) B(x) 

= [x : A] n ■ x : (x : A) B(x) 

= [x : A] k -x : (x : A) \d B ( x ){fx,gx). 



Observe that the third of these is well-typed by virtue of the first two. Applying the 
propositional £-rule, we obtain a term 

£(/, 9, P) ■ ldn( ab) (\f, A3) = \d n (A,B) (Ax. to • x, Xx.n-x). 

But from the propositional 77-rule and Id-symmetry rule, we have terms 

77(771) : \dYi(A.B)( m , Xx.m-x) and ^(n)^ 1 : \dn^A.B){^ x - n • x , n ) 

and now can define ext(m,n,p) := Ty(n) -1 o (^(/, g,p) o 77(777,)) : Idn(yi.B) ( m , n )- In the 
case where m = n = Xh and p = X(rh) we have by the /3-rule that f = g = h, and so 
may calculate that 

ext(A/i, Xh, X(rh)) = ^{Xh)- 1 o {£(h, h, rh) o v (Xh)) 

= r(Xh)- 1 o (r(Xh) o r(Xh)) = r(Xh) 

as required. □ 

Thus relative to the theory with identity types plus the a pp- formulation of dependent 
products, the function extensionality principle is equipotent 1 with the conjunction of 
the propositional 77- and propositional £-rules; and relative to the theory with identity 
types plus the funsplit formulation of dependent products, function extensionality is 
equipotent with the propositional £-rule. 



1 Again, at the level of provability rather than than proofs. 
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5.5. We now wish to describe the inadequacies of function extensionality. These arise 
from its failure to continue a characteristic trend in intensional type theory, namely that 
nearly every statement that one may think should hold about the identity types, does 
hold. For instance, in the proof of Proposition 5.4, we saw that the identity types Id^ 
come equipped with operations which we called composition and inverse. We would hope 
for this composition to be associative and unital, and for the inverse operation to really 
provide compositional inverses; and a straightforward application of Id-elimination shows 
this to be the case, at least when we interpret associativity, unitality and invertibility in 
an "up-to-propositional-equality" sense. Similarly, each judgement x : A \- f(x) : B{x) 
induces a judgement x, y : A, p : lcU(x, y) h f(p) : \d B ( x ^(fx, fy) which we would expect 
to be suitably "functorial" in p: and again, an application of Id-elimination confirms 
this, providing us with canonical propositional equalities between f(qop) and f(q)of(p). 
However, when it comes to function extensionality, there are a number of statements 
which intuitively should be true but which seem to be impossible to prove. Here are 
two typical examples. 

5.6. Examples: 

(1) Using Id-elimination we can derive a rule 

m, n:H(A, B) p : ld n (A,s)( m ) n ) a : A 
p* a : lds( a ) (m ■ a, n ■ a) 

satisfying r(m)*a — r(m-a), which expresses that any two propositionally equal 
elements of a n-type are pointwise propositionally equal. It now seems to be 
impossible to show that for k : He : A. \d B t x \ (m • x, n ■ x) and a : A we have k ■ a 
propositionally equal to ext(m, n, k) * a. 

(2) Suppose given terms £,m,n : H(A, B) and proofs / : (x : A) \d B r x \(£ ■ x, m ■ x) 
and g : (x : A) ld B ( x )(m ■ x, n-x). Let us write g o / for the term [x : A] gx o fx. 
It now seems to be impossible to verify a propositional equality between the 
elements 

ext(m, n, Xg) o ext(£, to, A/) and ext(£, n, X(g o /)) 
of \d U (A,B){t,n). 



5.7. The reason that we encounter these problems is essentially the following. We 
would like to construct the desired propositional equalities by eliminating over the 
type u, v : Tl(A, B) h Rx : A. \d B ( x ^(u ■ x, v ■ x). But the elimination rule we need is 
one that does not exist, which says that this type is generated by elements of the form 
(A/, A/, A(r/)). In light of this, we propose that function extensionality should be re- 
placed with just such an elimination rule. We consider the following two rules: 

u, v : n(A, B), w : He : A. \d B (x) (u • x, v • x) h C(u, v, w) type 
/ : (x : A) B{x) h d(f) : C(Xf, A/, A(r/)) 
m, n : n(A, B) k : Ux : A. ld S ( x ) (to • x, n-x) 



L(d, to, n, k) : C(m, n, k) 

u, v : H(A, B), w : Ux : A. \d B ^(u ■ x, v ■ x) h C(u, v, w) type 
/ : (x : A) B(x) h d(f) : C(Xf, A/, A(r/)) h : (x : A)B(x) 



II-ld-ELIM, 



Il-Id-COMP. 



L{d, Xh, Xh, X(rh)) = d{h) : C{Xh, Xh, X{rh)) 

Observe that these two rules are once again higher-order inference rules. We will return 
to this point in §5.11 below. 
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Let us first see how these rules entail function extensionality: 

5.8. Proposition: In the presence of identity types, the app- formulation of H-ty pes and 
the rules Il-Id-ELIM and Il-ld-COMP o/§5. 7, it is possible to define the function exten- 
sionality rules Il-EXT and Il-EXT-COMP. 

Proof. For each u, v : H{A,B) and w : He : A.\A B i x \{u ■ x, v ■ x) we define a type 
C(u,v,w) :— ld n ( A v); and for each f : (x : A)B(x), we define an element 
d(f) := r(Xf) : C(Xf,Xf,X(rfj). Applying Il-ld-chniination, we obtain the desired judge- 
ment 

m, n : H(A, B) k : Tlx : A. \d B i x \ (m ■ x, n ■ x) 
ext(m, n,k) :— L(d, m, n, k) : \du(A.B) ( m , n ) ' 
and calculate that ext(Xf,Xf,X(rfj) = L(d, Xf, Xf, X(rf)) = d(f) = r(Xf) as required. 

□ 

Let us now see how these rules allow us to give a positive answer to the problems 
posed in Examples 5.6. 

5.9. Proposition: In the presence of identity types, the app-forraulation ofll-types and 
the rules IT-Id-ELIM and IT-ld-COMP of $5. 7, the following rules are definable: 

m, n : H(A, B) k : Hx : A. \d B ( x ){m ■ x, n ■ x) a : A 



fj,(m,n,k,a) : \d idB(a){m . a>n . a - ) (ext(m,n,k) * a, k ■ a) 
f : (x : A) B(x) 



II-EXT-APP, 



MA/, A/, A(r/),a) = r{rfa) : ld| ds(a) {faJa) (rfa, rfa) 
where * is the operation defined in Examples 5.6(1). 



II-EXT-APP-COMP, 



Proof. For each u, v : H(A,B) and w : Hx : A. Id^^u • x, v ■ x) we define a type 
C(u, v, w) := Hx : A. \d\ dtB(;c) ^ u . x ^ v . x - j (ext(u, v,w)*x, w ■ x). Now for f : (x : A) B(x), we 
calculate that 

C(Xf, Xf, X(rf)) =Ux : A. ld| dfl( . )(/l , /x) (ext(A/ ) Xf, X(rf)) * x, rfx) 

= Ux : A. ld| dB(a0 ( /xJx )(r(A/) * x, rfx) 

= Ux : A.\d UBw(fXifx) (rfx, rfx) 

so that we may define d(f) := Xx.r(rfx) : C(Xf ,Xf ,X(rf)). An application of Ll-ld- 
climination now yields the judgement II-ext-APP by taking 

/j,(m, n, k,a) := L(d, m,n,k)-a: ld| ds(a) (m . a: „. a) (ext(m, n,k)*a, k-a). 

Finally, we compute that y(i(A/, Xf, X(rf ),a) = Xx. r(rfx) ■ a — r(rfa) as required. □ 

5.10. Proposition: In the presence of identity types, the app -formulation of U-types 
and the rules Il-Id-ELIM and LT-ld-COMP o/§5.7, the following rule is definable: 

i, m, n : H(A, B) f : (x : A) Id^)^ ■ x,m ■ x) g : (x : A) ld B ( a; )(m • x,n ■ x) 

v(f,g) ■ ld| dn(A B) (£, n ) (ext(m, n, Xg) o ext(^, m, Xf), ext(£, n, X(g o /))) 

Proof. It suffices to derive the rule: 
£, m, n : H(A, B) j : Hx : A. Id^^) (£ • x,m ■ x) k : Hx : A. Id^^) (m • x, n ■ x) 
v'{j,k) : ld !dn(A B)( ^„)(ext(m,n, k) o ext(£,m, j), ext(£, n, Xx. k ■ x o j ■ x)) 
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since the required result then follows by taking j := Xf and k := Xg. But by II- Id-elimination 
on k, it suffices to derive this rule in the case where m = n = Xh and k = X(rh); which 
is to show that 

£:U(A,B) h: (x : A)B(x) j : Tlx : A.\d B(x) (£ ■ x,hx) 
u'(j,X(rh)) : ld, dn(A B)(A/li „ } (ext(A/i, Xh, A(rft)) o ext(£, Xh, j), 

ext(£, Xh, Xx.r(hx) o j ■ x)) 

is derivable. But we have that r(hx) o j ■ x = j ■ x and that ext(Xh, Xh, X(rhj) = r(Xh) 
so that ext(Xh, Xh, X(rhj) o ext(£, Xh,j) = ext(£, Xh,j): so that it suffices to show that 

£:U(A,B) h : (x : A) B{x) j : Tlx : A. \d B(x) {£ ■ x, hx) 
v'(j,Krh)) : ldid n(jliB) (Ah,n)(ext(^, Xh, j), ext(£, Xh, Xx.j-x)) 

is derivable. Now, using the propositional 7/-rule, we can derive a term r](j) witnessing 
the propositional equality of j and Ax. j • x; and we will be done if we can lift this to a 
propositional equality between ext(£, Xh,j) and ext(£, Xh, Xx.j ■ x). But we may do this 
using the following rule: 

a, b : U(A, B) c,d:Ilx : A. \d B{x) (a-x,b-x) p : ldn X :A. id B(x) (a-x.b-x) (c, d) 

ext(p) : ld| dn(A B) (ext(a,6,c), ext(a,b,d)), 

which is derivable by Id-elimination on p. □ 

In Section 4, we saw that the higher-order formulation of II-types can be restated in 
a first-order manner; and the final result of this paper will do something similar for the 
n- Id-elimination rule. 



5.11. Proposition: In the presence of the identity types; the app- formulation of II- 
types; the function extensionality rules 11-ext and n-EXT-COMP; and the rules II-ext- 
APP and II-EXT-APP-COMP of Proposition 5.9, we can define the rules n-ld-ELlM and 
n-ld-COMP o/§5.7. 

Proof. Suppose that we are given terms 

u, v : H(A, B), w : Ux : A. ld S ( x )(u ■ x, v ■ x) h C(u, v, w) type 
f : (x : A)B(x) h d(f) : C(Xf, Xf, A(r/)) 
m, n : n(A, B) k : Hx : A. Ids( x )(m • x, n ■ x) 

as in the premisses of IT-Id-ELIM. We are required to find an element L(d,m,n, k) : 
C(m, n, k). We will employ much the same method as we did in the proof of Proposition 
3.7, though the details will be a little more complicated. We begin by constructing the 
element d([x : A] m ■ x) : C(Xx. m ■ x, Xx. m ■ x, Xx. r(m ■ x)); and the remainder of the 
proof will involve applying various substitutions to this element until we obtain the 
required element of C(m,n, k). The key result we need is the following lemma. 

Lemma. We may define a rule: 

^ ^ u,v:U(A,B) P : ldn(A,B)( u ) w ) c:C(Xx.u-x, Xx.u-x, Xx.r{u-x)) 

(j)(p, c) : C(u, v, Xx.p * x) 

satisfying 4>(r(Xf), c) = c. 

Before proving this, let us see how it allows us to derive the required element of 
C(m, n, k). Using function extensionality we can form ext(m, n, k) : Idjj^ B ^ (m, n); and 
so by applying <ft to this and d( [x : A] m ■ x) can obtain an element 

b(m, n, k) ■= 0(ext(m, n, k), d( [x : A] m ■ x)) : C(m, n, Xx. ext(m, n, k) * x). 
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We now make use of the rule II-ext-APP of Proposition 5.9, which provides us with a 
term 

x : A h fj,(m,n,k,x) : \d\ dB(x) ( m . Xin . x )(ext(m,n,k) *x, k-x); 
applying function extensionality to which yields a term 

p(m,n,k) := ext(Ax. ext(m, n, k) * x, k, Xx. n(m,n,k,x)) 

■ ^nx:A.\d B(x) (m x,n-x){^x.ext(m,n,k) * x, k). 

The final step is to use the Leibnitz rule defined in the proof of Proposition 3.7 to 
form the required term L{d 1 m 1 n,k) := subst(p(m, n, k), b(m, n, k)) : C(m,n,k). We 
are also required to show that L(d, Xf, Xf, A(r/)) = d(f). For this, we first note that 
6(A/,A/,A(r/)) = 0(r(A/),d(/)) = d(f) : C(Xf, A/, A(r/)). Next we observe that 
/u(A/, A/, X(rf),x) — r(rfx) so that we have 

p(Xf, A/, A(r/)) = ext(Ax. r(A/) * a;, A(r/), Ax. r(r/x)) 

= ext(A(r/), A(rf), A(rr/)) = r(A(r/)) 

so that L(d, Xf, Xf, A(r/)) = subst(r(A(r/)), d{f)) = d(f) as required. 

It remains only to prove the Lemma. We will derive (*) by Id-elimination on p, for 
which it suffices to consider the case where u = v and p ~r(u). So we must show that 

u : II(j4, B) c:C(Xx.u-x, Xx.u-x, Xx.r(u-x)) 
4>{r(u), c) : C(u, u, Ax. r(u) * x) 

is derivable; which in turn we may do by Ll-climination on u. Indeed, when we have 
u = Xf for some / : (x : A)B(x), we find that C(Xx.u ■ x, Xx.u ■ x, Xx.r(u ■ x)) = 
C(A/, Xf, A(r/)) = C(u, u, Xx. r(u) * x) so that we may take (j)(r(Xf), c) = c. □ 

5.12. We end the paper with an informal discussion of the adequacy of our strength- 
ening of the principle of function extensionality. We have portrayed it as a necessary 
strengthening, but we have not indicated why we think it sufficient: could there not be 
yet more exotic propositional equalities of the sort considered in Examples 5.6 which 
our II- Id-elimination rule cannot verify? 

The reason the author believes this not to be the case is essentially semantic: if 
we wish to consider higher-dimensional categorical models of type theory, it turns out 
that this elimination rule is just what is needed to make sense of the idea that Ll-typc 
formation should provide a suitably weak right adjoint to reindexing. The author has 
verified the details of this in the case of the two-dimensional models alluded to in the 
Introduction and §5.11, and has sketched them for a putative theory of three-dimensional 
models. Moreover, there is a good reason to believe that this argument extends to all 
higher dimensions, which runs as follows. 

When we form higher-dimensional models of type theory, we obtain the higher- 
dimensionality from the identity type structure. In order for LI-type formation to provide 
a weak right adjoint to pullback, it must respect the higher-dimensionality, and hence 
the identity type structure. Now, if we are given A type and x : A h B(x) type, then 
dependent product formation over x : A sends the identity type 

x : A, y,z: B(x) h \d B{x) (y,z) type 

to the type 

m, n : H(A, B) h ITx : A.\d B ^{m ■ x,n ■ x) type; 

and to say that function space formation preserves the identity type structure is to say 
that this latter type should act like an identity type for 11(^4,5); and it precisely this 
which is expressed by our elimination rule LI-ld-ELiM. 
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